Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A Java program anti-obfuscation method and terminal

A program and indexing technology, applied in the field of anti-obfuscation, can solve problems such as analysis obstruction, stack confusion, and compilation failure, and achieve the effect of reducing costs and promoting development

Active Publication Date: 2021-02-26
XIAMEN MEIYA PICO INFORMATION
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In the reverse analysis industry, the obfuscated byte code has caused great obstacles to the analysis, resulting in the need to invest a lot of time and energy in the analysis, so an anti-obfuscation technology is needed to help reverse analysts to reduce the workload
[0006] Most of the existing Java decompilation tools on the Internet fail to compile when dealing with obfuscated JAR packages. The main reason is that the obfuscator uses some invalid codes to confuse the stack of the program, and the decompiler follows the normal code. Analysis will lead to logic errors, so the decompilation fails

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Java program anti-obfuscation method and terminal
  • A Java program anti-obfuscation method and terminal
  • A Java program anti-obfuscation method and terminal

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0076] Please refer to figure 1 , Embodiment 1 of the present invention is:

[0077] A kind of JAVA program anti-obfuscation method provided by the present invention comprises the following steps:

[0078] S1: Obtain the first index corresponding to the call instruction according to the call instruction in the bytecode corresponding to the JAVA program; rename the package name in the JAVA program according to the first index and the preset second index set , class name, interface name and member variables, to obtain the first JAVA program; the second index set includes indexes corresponding to package name, class name, interface name and member variables in the JAVA program;

[0079] The S1 is specifically:

[0080] Obtain the JAVA program and the bytecode corresponding to the JAVA program according to the preset JAR package;

[0081] According to the obfuscation rules of the JAVA program, rename the package name, class name, interface name and member variables in the JAVA ...

Embodiment 2

[0108] Please refer to figure 2 , the second embodiment of the present invention is:

[0109] A JAVA program anti-obfuscation terminal provided by the present invention includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and the processor implements the following steps when executing the program:

[0110] S1: Obtain the first index corresponding to the call instruction according to the call instruction in the bytecode corresponding to the JAVA program; rename the package name in the JAVA program according to the first index and the preset second index set , class name, interface name and member variables, to obtain the first JAVA program; the second index set includes indexes corresponding to package name, class name, interface name and member variables in the JAVA program;

[0111] The S1 is specifically:

[0112] Obtain the JAVA program and the bytecode corresponding to the JAVA program according to the preset JAR p...

Embodiment 3

[0133] The symbols in this embodiment refer to: package name / class name / interface name / member variable;

[0134] The anti-obfuscation scheme of the present invention is analyzed on the basis of Java bytecode. The tool javap provided by the JDK used will decompile the java bytecode into JVM instructions similar to assembly instructions.

[0135] Renaming includes static renaming and dynamic renaming.

[0136] Static renaming refers to analyzing JVM instructions without running them. Mainly by analyzing the class name, interface, and method used in the instruction, a call index is initially established for each class, and then all objects referenced to the symbol are replaced according to the records of the index when renaming.

[0137] Dynamic renaming refers to executing Java bytecode in a customized JVM virtual machine, and improving the call index generated in static analysis through reflection and call stack. According to the execution process in the JVM to simplify and ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a JAVA program anti-obfuscation method and terminal, renaming the package name, class name, interface name and member variables in the JAVA program according to the first index and the preset second index set, to obtain The first JAVA program, and record the execution information when the Java virtual machine executes the bytecode through OpenJDK, delete the member variables and functions not called by the first JAVA program, obtain the second JAVA program, and execute according to the statement in the execution information Flow process, delete the unexecuted statement in the second JAVA program, obtain optimized JAVA program; The present invention solves in the Jar package that has confused originally, and the package name, class name, method in its JAVA program are replaced with no Any meaningful name will cause a lot of confusion when viewed in reverse analysis, resulting in a very time-consuming problem in the reverse analysis process.

Description

technical field [0001] The invention relates to the field of anti-obfuscation technology, in particular to a JAVA program anti-obfuscation method and a terminal. Background technique [0002] Software obfuscation is a "mathematical puzzle" encryption software system jointly designed by researchers at UCLA and IBM. This system allows users to use it as a program while preventing any hidden deciphering. In the process of program development in the computer field, the simplest obfuscation is name obfuscation, and the more intensive process obfuscation makes people unable to understand the principles of software programming and prevents those who want to obtain the source code to protect the source code. [0003] At present, the Java language generally uses ProGuard as a compression, optimization and obfuscation tool. ProGuard is an open source and free Java bytecode compression, optimization, and obfuscator, which is widely used in Java application development and Android deve...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F8/20G06F8/53
CPCG06F8/24G06F8/53
Inventor 张涛苏再添吴少华
Owner XIAMEN MEIYA PICO INFORMATION
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products